Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29C6D43AA43E11EF8BA68B53762E951A.roa
File: 29C6D43AA43E11EF8BA68B53762E951A.roa (raw, json)
Hash identifier: PKFdbV/rTDLaTKLKpoifDdHJkYNdCu9nVKy1NPqwzks=
Subject key identifier: 46:50:12:9F:AA:0D:C1:B7:40:F9:1C:24:22:E8:E7:9E:F9:68:66:39
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D34E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29C6D43AA43E11EF8BA68B53762E951A.roa
Signing time: Sat 16 Nov 2024 17:13:57 +0000
ROA not before: Sat 16 Nov 2024 17:13:53 +0000
ROA not after: Tue 10 Dec 2024 17:13:53 +0000
asID: 64267
IP address blocks: 156.227.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54094 (0xd34e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 17:13:53 2024 GMT
Not After : Dec 10 17:13:53 2024 GMT
Subject: CN=6738d2d5-08a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:af:8a:c7:68:6b:e0:ca:e3:49:2d:0f:ad:b5:
f6:62:35:17:e9:27:ac:34:4b:21:64:7e:cb:a0:78:
8d:74:aa:44:de:f0:86:65:9b:22:54:b1:ba:38:2f:
4e:77:e5:5a:d9:73:51:ef:0a:f3:fa:e7:a5:4f:9f:
93:0a:fd:02:d3:cd:e1:01:63:89:68:7b:23:1d:8a:
be:e8:a6:e1:ed:95:9a:ca:ef:0e:ab:54:3a:ff:c6:
a8:80:a0:78:48:8a:47:07:7b:18:bb:aa:06:67:70:
d1:26:72:da:41:7e:3d:b1:c2:52:29:2d:92:a9:db:
3f:96:cf:da:0d:1b:af:29:30:2d:a5:86:9f:7f:4f:
8d:cb:16:28:9a:e6:52:f7:79:f8:aa:15:bf:97:e2:
55:74:bc:e3:9d:bd:36:42:99:2c:9d:10:0d:31:af:
79:e1:7f:fa:ce:e6:8d:da:c9:ad:0d:eb:9c:82:f0:
55:66:f5:32:6a:a2:ae:ca:41:bc:3c:69:0f:25:46:
57:2a:99:45:95:fa:37:0b:57:d7:df:9a:0d:eb:8d:
76:4d:53:68:49:93:66:ad:54:cc:31:3e:00:1d:f2:
dd:46:aa:ee:e9:1f:56:e0:26:15:e1:5b:73:c4:af:
15:ba:fa:68:64:f7:96:4d:30:05:39:50:fb:d2:63:
a3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:50:12:9F:AA:0D:C1:B7:40:F9:1C:24:22:E8:E7:9E:F9:68:66:39
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29C6D43AA43E11EF8BA68B53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.11.0/24
Signature Algorithm: sha256WithRSAEncryption
41:ac:28:e9:f8:ef:28:e7:6f:23:06:1b:a7:91:27:1a:ed:e1:
bd:41:c5:1b:7e:5e:ea:6c:30:60:13:df:3e:25:34:8e:55:c1:
aa:ff:94:9d:b8:03:7b:ac:b4:1f:b1:1c:ea:83:fa:eb:c0:56:
99:63:07:5f:0d:3e:d6:d6:d7:2c:1a:2f:6c:f9:06:97:7e:5d:
32:9e:f2:5c:38:74:be:6d:06:69:6b:d0:e8:48:e9:e5:00:50:
ef:98:5b:b2:3d:0b:fb:52:55:61:b3:fd:de:39:04:a9:b7:83:
af:4d:f4:71:7b:5d:a2:eb:ab:17:9e:c0:2c:0f:34:26:1b:0e:
43:7f:12:d4:cc:97:c2:52:8f:47:8b:82:d7:71:ce:6c:78:c8:
3c:21:25:3e:54:b6:df:b8:5a:0e:80:56:8c:d8:df:c3:73:a0:
5e:7c:1e:40:8e:66:2c:96:93:be:a9:de:af:95:09:9c:31:db:
6d:1b:ca:90:02:11:e8:25:5b:3a:65:48:0f:bc:47:ef:1e:79:
68:7a:0c:b4:44:48:25:67:16:af:ac:11:ce:ca:7f:b6:f9:b6:
d0:78:66:7e:0f:23:c5:35:e4:cf:e3:4c:e4:e5:b2:79:54:be:
cb:88:b0:87:a7:79:97:c5:52:bd:a6:a4:2f:4b:96:45:42:86:
70:1d:3b:76
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANNOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MTcxMzUzWhcNMjQxMjEwMTcxMzUzWjAYMRYw
FAYDVQQDEw02NzM4ZDJkNS0wOGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2a+Kx2hr4MrjSS0PrbX2YjUX6SesNEshZH7LoHiNdKpE3vCGZZsiVLG6
OC9Od+Va2XNR7wrz+uelT5+TCv0C083hAWOJaHsjHYq+6Kbh7ZWayu8Oq1Q6/8ao
gKB4SIpHB3sYu6oGZ3DRJnLaQX49scJSKS2Sqds/ls/aDRuvKTAtpYaff0+NyxYo
muZS93n4qhW/l+JVdLzjnb02QpksnRANMa954X/6zuaN2smtDeucgvBVZvUyaqKu
ykG8PGkPJUZXKplFlfo3C1fX35oN6412TVNoSZNmrVTMMT4AHfLdRqru6R9W4CYV
4VtzxK8VuvpoZPeWTTAFOVD70mOj2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEZQ
Ep+qDcG3QPkcJCLo5575aGY5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOUM2RDQzQUE0M0UxMUVGOEJBNjhCNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOMLMA0GCSqGSIb3DQEBCwUA
A4IBAQBBrCjp+O8o528jBhunkSca7eG9QcUbfl7qbDBgE98+JTSOVcGq/5SduAN7
rLQfsRzqg/rrwFaZYwdfDT7W1tcsGi9s+QaXfl0ynvJcOHS+bQZpa9DoSOnlAFDv
mFuyPQv7UlVhs/3eOQSpt4OvTfRxe12i66sXnsAsDzQmGw5DfxLUzJfCUo9Hi4LX
cc5seMg8ISU+VLbfuFoOgFaM2N/Dc6BefB5AjmYslpO+qd6vlQmcMdttG8qQAhHo
JVs6ZUgPvEfvHnloegy0REglZxavrBHOyn+2+bbQeGZ+DyPFNeTP40zk5bJ5VL7L
iLCHp3mXxVK9pqQvS5ZFQoZwHTt2
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:23 2024 by rpki-client on console-ams.rpki-client.org